R. M. Sashen Oshada,
S. P. J. Yapa,
A.W.M Mahith Thejaka Abeysinghe,
M. M. Murshid,
M. Akthar Kuthubdeen,
R. M. Dhanuka Rajapaksa
2024 April 8
Cloud security, sometimes referred to as cloud computing security, is a group of security controls intended to safeguard data, apps, and infrastructure that are hosted on the cloud. These safeguards provide data privacy protection, data and resource access management, and user and device authentication. Security measures are divided into three categories:
Security dependent on providers: Cloud service providers protect the physical data centers and network architecture by implementing infrastructure-level security measures. Firewalls, penetration testing, obfuscation, tokenization, virtual private networks (VPN), and avoiding public internet connections are some of the techniques used to provide cloud security. Data that is being moved into and out of the cloud (in motion) or stored (at rest) is shielded from security risks, theft, and corruption by means of cloud data security. Given the complexity of cloud security, a well-thought-out and well-supported architecture is essential.
Among the hazards are the possibility of unmanaged devices accessing data, the absence of a traditional network perimeter to defend, and complex security issues like advanced persistent threats (APTs). As 2024 approaches, cloud security will be a key component of corporate strategy. According to the Cost of a Data Breach Report 2023, 82% of breaches involved data stored in the cloud, and 45% of breaches were cloud-based. Many businesses think that a private cloud is a safer place for their sensitive data. But public clouds have historically been more secure, since the majority are managed by security professionals who are aware of cloud security issues and know how to resolve them. Challenges in cloud security include insufficient visibility, multi-tenancy, access control and shadow IT, regulatory compliance, and misconfigurations.
Zero Trust security is a cloud security model. Zero Trust security requires verification from anybody attempting to access network resources, as no one is trusted by default from either the inside or outside of the network. The five complementary areas of work (pillars) that make up CISA’s zero trust model are Identity, Devices, Networks, Applications and Workloads, and Data. These must all be accomplished to establish a zero-trust model. A zero-trust network is made up of three essential parts: trust, device authentication, and user/application authentication. For instance, a new hire does not initially have access to any systems when they first join the organization or when a new service account is formed.
In the face of a network that is perceived as compromised, zero trust offers a set of principles and ideas intended to reduce uncertainty in enforcing precise, least privilege per-request access decisions in information systems and services. The zero-trust security paradigm, commonly referred to as perimeterless security or zero trust architecture (ZTA), is a methodology for the planning, development, and deployment of IT systems. According to research by global technology corporation Cisco, about 90% of enterprises have started implementing zero-trust security, but many still have a long way to go. Nonetheless, the most common barriers to implementing Zero Trust were senior management’s lack of support and ignorance of the concept. The upshot is that, according to Gartner, more than half of companies will not be able to reap the rewards of zero trust. The expenses for establishing a zero-trust approach include the time the organization spends planning such a complex project, the time it takes for each team within the organization to assist in classifying their data, and the time it takes users. These costs are in addition to the cost of purchasing and implementing solutions that cover the entire attack surface.
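The per-request, default-deny decision described above can be sketched as a small policy engine. This is an added example, not code from the article or from any product; the class names, fields, device IDs and resource names are hypothetical. It checks user/application authentication, device authentication, and an explicit grant on every request, and deliberately ignores network location.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Request:
    principal: str          # user or service account making the request
    credential_valid: bool  # result of user/application authentication
    device_id: str
    device_attested: bool   # result of device authentication
    on_internal_net: bool   # recorded but never used: location grants no trust
    resource: str
    action: str

@dataclass
class PolicyEngine:
    managed_devices: set = field(default_factory=set)
    grants: dict = field(default_factory=dict)  # (principal, resource) -> actions

    def grant(self, principal, resource, action):
        """Add one explicit least-privilege grant."""
        self.grants.setdefault((principal, resource), set()).add(action)

    def decide(self, req):
        """Evaluate a single request; anything not explicitly allowed is denied."""
        if not req.credential_valid:
            return False, "user/application authentication failed"
        if req.device_id not in self.managed_devices or not req.device_attested:
            return False, "device not authenticated"
        allowed = self.grants.get((req.principal, req.resource), set())
        if req.action not in allowed:
            return False, "no explicit grant (default deny)"
        return True, "allowed"

def demo():
    """Constructed sample requests; returns the decision for each."""
    engine = PolicyEngine(managed_devices={"laptop-01"})
    hire = Request("new.hire", True, "laptop-01", True, True, "payroll-db", "read")
    before = engine.decide(hire)           # new hire starts with no access
    engine.grant("new.hire", "payroll-db", "read")
    after = engine.decide(hire)            # same request, now explicitly granted
    write = engine.decide(Request("new.hire", True, "laptop-01", True, True,
                                  "payroll-db", "write"))
    byod = engine.decide(Request("new.hire", True, "phone-99", True, True,
                                 "payroll-db", "read"))
    return before, after, write, byod

if __name__ == "__main__":
    for allowed, reason in demo():
        print("ALLOW" if allowed else "DENY ", reason)
```
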
Kavindu is a dedicated professional with a passion for education and cybersecurity. With over 5 years of experience in the academic sector, Kavindu is currently pursuing his doctoral degree as a PhD candidate at Kotelawala Defence University. His academic journey has been marked by excellence, as he holds an MSc (Hons) in Cyber Security and a PgD in Cybersecurity from SLIIT. His foundation in Information Technology comes from earning a BSc (Hons) degree at Kotelawala Defence University. His passion for knowledge extends to research, with two published research papers to his name, and he also holds certifications including CCNA 1 and CCNA 2 with NSE 3x certifications, demonstrating his commitment to staying at the forefront of technology.
Chirath is a highly skilled and accomplished cybersecurity professional currently serving as the Technical Lead at AION Cybersecurity (PVT) Ltd. With an impressive track record spanning 9 years in the industry, Chirath brings a wealth of expertise across various disciplines in the cybersecurity field. He holds an MSc with Distinction, a PgDip, and a BEng (Hons) with First Class Honors, reflecting his commitment to excellence in academic achievements. Additionally, Chirath possesses several industry certifications, including (ISC)2 CC, 5 Azure certifications, AWS-SAA, CFR, RCCE, CHFI, CEH, and QCS (Qualys). He is also a member of professional organizations like MIET and MCSSL. Notably, Chirath has published 2 research papers and 26 research articles, showcasing his dedication to advancing knowledge and innovation in the cybersecurity domain.